General

  • Target: 90f4f99a7ddb39e5374eb0b28aee2ee8c6540d8c0c992170b4976889bb2fca72
  • Size: 434KB
  • Sample: 241105-l59jeazemn
  • MD5: d30db01e683a1acf65d7d83221cf2994
  • SHA1: cab1bb6b235e9b6aa65d99c1f4bb3a9bd49a4631
  • SHA256: 90f4f99a7ddb39e5374eb0b28aee2ee8c6540d8c0c992170b4976889bb2fca72
  • SHA512: 3ad6f5926d0b91923eb12ed81698e2a250a1a5c92e1aadd0092a64e6dded7cd9b25333e78cb305afc3dec5e7df0419a9a2196b89470d1568363c8e68cff5cd70
  • SSDEEP: 6144:Hr0QYxhADcxG776qrJvzPkAoaTCoWYCYe7oBAimyA0L2Zv:L0Q4hIcM7+0v7kN0CjYCYcoBAsA0L2p

Malware Config

Extracted

  • Family: redline
  • Botnet: asia
  • C2: 45.9.20.240:46257

Attributes

  • auth_value: 218353fc70f3440d970e02bf6e2edeb1

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15